Currently DNSBLs are seeing a fair amount of requests for AAAA records.
I'm currently wondering if these could/should be treated as requests
for A records, as it is quite possible that the DNSBL client is
completely unaware that these requests are being done by the resolver.
Hmmn. What AAAA record would you return? This strikes me as a place
where, if anything, the draft should be clearer that the values are
always A records, not do something kludgy for the benefit of unknown
broken software.
Perhaps something could be said to warn about the domain name
aftermarket, and that clients might want to quantify the return values
to ensure that A records exist within 127/8. Historically domain names
hosting the DNSBL have expired and the new owners install wild-card records.
That's the point of the MUST/MUST NOT tests described later.
2.3. Combined IP address DNSxL
Perhaps a recommendation that DNSBL operators not combine there IPv4 and
IPv6 lists, instead using sublists for each could be inserted here.
Why not? As it says later, if you want to use the same zone for v4 and
v6 addresses, it'll work OK since there's no overlap in the names.
A few name-based DNSBLs encode e-mail addresses using a convention
adapted from DNS SOA records, with the mailbox name encoded as the
first component of the domain name, so an entry for
fred(_at_)invalid(_dot_)edu
would have the name fred.invalid.edu.doms.example.net:
Note that this can be ambiguous with hostnames and sub-domains.
A list needs to be either all domains or all e-mail addresses. Do we
need to call that out?
R's,
John
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg